In February of this year, we announced our revised deprecation plan for TLS 1.0 and 1.1. As part of that plan, we promised to provide customers who wish to enforce stricter security requirements an opportunity to migrate to hosts that only support TLS connections via the TLS 1.2 protocol ahead of our planned deprecation schedule for the rest of the network. We’re happy to announce that you can now request migration to these TLS 1.2-only hosts if you’ve purchased a paid TLS option.
If you’re currently using our shared SAN or wildcard SAN options, we will add your domains to a certificate on a new TLS 1.2-only host. You’ll then need to modify your CNAME and Anycast (if applicable) DNS records to point to this new host. (We will leave the domain on both certificates during the migration period so traffic is not interrupted.)
If you’re using our customer certificate hosting option, we can disable TLS 1.0 and 1.1 on request with no further action on your part.
Keep in mind that, while TLS 1.2 is supported in all modern browsers, removing support for TLS 1.0 and 1.1 may prevent some older browsers from reaching your site over TLS. A great breakdown of which browsers support which version of TLS is here.
If you'd like to migrate to TLS 1.2-only, or have any questions about the process, please contact our team and we'll be happy to help.
You may also like:
Sponsoring the Tor project with content delivery services
Fastly has historically supported many open source projects. We’re happy to announce that Fastly now provides sponsored Content Delivery for the Tor Project. TorBrowser updates are served over the Fastly network, taking...
Lean Threat Intelligence Part 3: Battling log absurdity with Kafka
In “Lean Threat Intelligence Part 2: The foundation,” we explained how we built our log management system, Graylog, using Chef. Next, we’ll cover how we created a message pipeline that allows us to route messages…
Recapping our second Fastly Security Speaker Series
On May 25, we had over 50 security researchers and engineers from the Bay Area and beyond in our San Francisco office for our recurring Fastly Security Speaker Series. This event focused on hardware security,…